-
Notifications
You must be signed in to change notification settings - Fork 786
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use temporary name for netdevice when moving in/out of NS #1002
Conversation
8dd7158
to
90db66c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@adrianchiris sorry to review this. It looks good to me almost code. Regarding error handling, I added one comment. could you please take a look into it? Thanks!
|
||
tempDev, err := setTempName(hostDev) | ||
if err != nil { | ||
return nil, fmt.Errorf("failed to rename device %q to temporary name: %v", hostDevName, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If moveLinkIn() is called with interface Up and failed at here (or later), then the interface goes down and not up. I suppose to add the code to revert (i.e. LinkSetUp()) at error-return case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added logic to restore netdev:
- bring back to host namespace
- retore netdev name
- restore link status
cabb009
to
9cde7a3
Compare
Today, it is not possible to use host-device CNI to move a host device to container namespace if a device already exists in that namespace. e.g when a delegate plugin (such as multus) is used to provide multiple networks to a container, CNI Add call will fail if the targeted host device name already exists in container network namespace. to overcome this, we use a temporary name for the interface before moving it in/out of container network namespace. Signed-off-by: adrianc <[email protected]>
9cde7a3
to
ba5bdaf
Compare
@s1061123 thx for reviewing. comment addressed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM'ed!
Today, it is not possible to use host-device CNI to move a
host device to container namespace if a device with the same
netdev name already exists in that namespace.
e.g when a delegate plugin (such as multus) is used to provide
multiple networks to a container, CNI Add call will fail if
the targeted host device name already exists in container network
namespace.
to overcome this, we use a temporary name for the interface before
moving it in/out of container network namespace.